A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf
.
Filters
Policy algebras for access control the predicate case
2002
Proceedings of the 9th ACM conference on Computer and communications security - CCS '02
This paper deals with the algebra used to compose access control policies of collaborating organizations. ...
This paper extends the algebra to many sorted first order predicate case. The predicate version can be used to reason about first order properties of security policies from their components. ...
CONCLUSIONS In this paper, we extended the access policy composition algebra of [21, 22] to the predicate case. ...
doi:10.1145/586110.586134
dblp:conf/ccs/WijesekeraJ02
fatcat:zeppdlk6cfgmfidgdvd6okh3xy
Policy algebras for access control the predicate case
2002
Proceedings of the 9th ACM conference on Computer and communications security - CCS '02
This paper deals with the algebra used to compose access control policies of collaborating organizations. ...
This paper extends the algebra to many sorted first order predicate case. The predicate version can be used to reason about first order properties of security policies from their components. ...
CONCLUSIONS In this paper, we extended the access policy composition algebra of [21, 22] to the predicate case. ...
doi:10.1145/586131.586134
fatcat:azucdpjun5hf7dgnah4vydf2j4
On attribute-based usage control policy ratification for cooperative computing context
[article]
2013
arXiv
pre-print
Then we propose a policy ratification method based on a policy aggregation algebra that elaborate the request space and policy rule relation. ...
This paper describes an attribute-based usage control policy shceme compline to this needs. A concise syntax with EBNF is used to summarize the base policy model. ...
Attribute-based access control Attribute-Based Access Control ('ABAC' for short) policy model [23, 24, 25, 3] . ...
arXiv:1305.1727v1
fatcat:xneumjd77vbpzdnc6yvktvpa6y
Process Algebra for Event-Driven Runtime Verification: A Case Study of Wireless Network Management
[chapter]
2012
Lecture Notes in Computer Science
Policies forbid or allow access control; for example, a policy might block UDP and TCP traffic from a given site. ...
And when considering events, then the natural formalism for verification is a form of process algebra. ...
These predicates encapsulate properties required for correct encoding of topology or policy events, as well as system properties, including detecting configurations that violate user-invoked access control ...
doi:10.1007/978-3-642-30729-4_2
fatcat:46y44ckve5doxlr3k5sj2qsatq
Validation of Policy Integration Using Alloy
[chapter]
2005
Lecture Notes in Computer Science
We show how the various approaches for composing security policies can be modeled and verified using Alloy, a lightweight modeling system with automatic semantic analysis capability. ...
Organizations typically have multiple security policies operating together in the same system. The integration of multiple policies might be needed to achieve the desired security requirements. ...
An Algebra for Composing Access Control Policies and Its Representation in Alloy Bonatti et al. [2] propose an algebra for composing access control policies. ...
doi:10.1007/11604655_48
fatcat:wiq2erxyyrfrblr5wkcusxjh4m
Enforcing access control over data streams
2007
Proceedings of the 12th ACM symposium on Access control models and technologies - SACMAT '07
We further develop an access control mechanism to enforce the access control policies based on these operators. We show that our method is secure according to the specified policies. ...
control policies. ...
For what concerns access control, the first case is the simplest one. ...
doi:10.1145/1266840.1266845
dblp:conf/sacmat/CarminatiFT07
fatcat:zidx47nkobhahcr3w7wrex5qza
A modular approach to composing access control policies
2000
Proceedings of the 7th ACM conference on Computer and communications security - CCS '00
We propose an algebra of security policies together with its formal semantics and illustrate how to formulate complex policies in the algebra and reason about them. ...
We also illustrate a translation of policy expressions into equivalent logic programs, which provide the basis for the implementation of the language. ...
Before describing access control in more details we illustrate a translation of algebraic expressions into equivalent logic programs, then used for access control enforcement. ...
doi:10.1145/352600.352623
dblp:conf/ccs/BonattiVS00
fatcat:qcojgbrfibda5mqn22oikbgjtm
Access Control Policies and Languages in Open Environments
[chapter]
2007
Advances in Information Security
Recent proposals for specifying and exchanging access control policies adopt different types of access control languages. In this chapter, we review three different types of access control languages. ...
We start the chapter with an overview of the basic concepts on which access control systems are based. We then illustrate logic-based, XML-based, and credential-based access control languages. ...
Basically, the translation process creates a distinct predicate symbol for each policy identifier and for each algebraic operator in the expression. ...
doi:10.1007/978-0-387-27696-0_2
fatcat:hodoqkf4nveyvbw7flgrca7ine
Flexible Security Policies in SQL
[chapter]
2002
Database and Application Security XV
We demonstrate the power of our approach by showing how a variety of access control policies can be represented. ...
We show how a wide variety of role-based access control policies may be formally specified in the stratified subset of clause form logic. ...
In this case, the SQL will include the limitation predicate in the appended condition. Moreover, any number of access policies may be represented by using the approach we have described.
s. ...
doi:10.1007/978-0-387-35587-0_12
fatcat:luaithhlgfanpimnb5nugybbze
On the Soundness Property for SQL Queries of Fine-grained Access Control in DBMSs
2009
2009 Eighth IEEE/ACIS International Conference on Computer and Information Science
The fine-grained access control approaches in DBMSs should satisfy soundness property which requires the answer of a query returned by the approach under the control of finegrained access control is consistent ...
with the answer when there is no fine-grained access control. ...
The work presented in this paper is supported by 863 hitech research and development program of China, granted number: 2006AA01Z430. ...
doi:10.1109/icis.2009.21
dblp:conf/ACISicis/ShiZFJ09
fatcat:foysuevgvzdcppjzjogtaezmoa
A simple and expressive semantic framework for policy composition in access control
2007
Proceedings of the 2007 ACM workshop on Formal methods in security engineering - FMSE '07
We define an access control policy as a fourvalued predicate that maps accesses to either grant, deny, conflict, or unspecified. These correspond to the four elements of the Belnap bilattice. ...
We define derived, higher-level operators that are convenient for the specification of access control policies, and enable the decoupling of conflict resolution from policy composition. ...
This work has, in part, be performed in collaboration with the project "Aspects of Security for Citizens", funded by the Danish Strategic Research Council. ...
doi:10.1145/1314436.1314439
dblp:conf/ccs/BrunsDH07
fatcat:6cng3girkrfq7cabttlufhtwte
Modelling Fine-Grained Access Control Policies in Grids
2015
Journal of Grid Computing
We abstract the specification of the enforcement mechanism from current implementations of usage control for Grids. ...
This paper presents an abstract specification of an enforcement mechanism of usage control for Grids, and verifies formally that such mechanism enforces UCON policies. ...
Moreover, for the case of OnA-type policies, the policy must also be enforced during the access period. ...
doi:10.1007/s10723-015-9351-x
fatcat:t74xarutbrc7fba7vt2gbrz3lq
Timed constraint programming
2005
Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming - PPDP '05
This paper focuses on policy languages for (role-based) access control [14, 32] , especially in their modern incarnations in the form of trust-management systems [9] and usage control [30, 31] . ...
Any (declarative) approach to access control and trust management has to address the following issues: • Explicit denial, inheritance, and overriding, and • History-sensitive access control Our main contribution ...
For example, in the case of a read request, membership is tested in various READ CONTROL ACLs. ...
doi:10.1145/1069774.1069790
dblp:conf/ppdp/JagadeesanM05
fatcat:3ajf46mvarfcrbw77mjp6qhkny
Recent Advances in Access Control Models
[chapter]
2003
Lecture Notes in Computer Science
We also discuss the recent work on policy algebras and subject identity issues in secure federations. ...
This paper discusses several access control models that have been recently proposed to address these emerging needs including models that provide policy-neutral flexible access control and their efficient ...
Acknowledgement This work was partially supported by the National Science Foundation under the grant CCR-0113515. ...
doi:10.1007/978-3-540-45160-0_1
fatcat:t2shtdvjzzavlcwwqnpnyca3i4
Usage control in computer security: A survey
2010
Computer Science Review
access for authorized entities (availability). ...
Usage control is a novel and promising approach for access control in open, distributed, heterogeneous and network-connected computer environments. ...
Acknowledgement This work has been partially supported by the EU project FP6-033817 GRIDTRUST (Trust and Security for Next Generation Grids). ...
doi:10.1016/j.cosrev.2010.02.002
fatcat:h7y7kvgnondzjpzwcsps7fimwa
« Previous
Showing results 1 — 15 out of 5,941 results